b3f7c3d7cd9d5258640459f7ed08adeb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3f7c3d7cd9d5258640459f7ed08adeb_JaffaCakes118
Size

4KB
MD5

b3f7c3d7cd9d5258640459f7ed08adeb
SHA1

c5a1d0f66cf9e21bc1ea532098aacdbe37d188cd
SHA256

1a873a05309dfcab86562aa94a87cf062bc1a621c40f0419ec381e16d6560ad5
SHA512

980641d7371cfc1f82b9a6fd83f1415f578ebb15ba8df9cefb5fa4af51f433a69749f3a8f91b5fdd0c53b1502bd55399c48e7c1fcb15d853f0fe0962b27654e8
SSDEEP

96:qBkVv36vM2sq+NKU36et66zpldh3Ie3KjeXoNAy7d5Ey:qBk42sfFd3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3f7c3d7cd9d5258640459f7ed08adeb_JaffaCakes118

Files

b3f7c3d7cd9d5258640459f7ed08adeb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

813089cfc79726be07ab586ca105b203

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
lstrcatA
GetSystemDirectoryA

advapi32

DeleteService
ControlService
OpenSCManagerA
StartServiceA
OpenServiceA
CloseServiceHandle
CreateServiceA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 354B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ